What is cyberwarfare?
Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. Cyberwarfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and criple financial systems -- among many other possibilities.
According to Jeffrey Carr, author of "Inside Cyber Warfare," any country can wage cyberwar on any other country, irrespective of resources, because most military forces are network-centric and connected to the Internet, which is not secure. For the same reason, non-governmental groups and individuals could also launch cyberwarfare attacks. Carr likens the Internet's enabling potential to that of the handgun, which became known as "the great equalizer."
Examples of cyberwarfare:
- In 1998, the United States hacked into Serbia's air defense system to compromise air traffic control and facilitate the bombing of Serbian targets.
- In 2007, in Estonia, a botnet of over a million computers brought down government, business and media websites across the country. The attack was suspected to have originated in Russia, motivated by political tension between the two countries.
- Also in 2007, an unknown foreign party hacked into high tech and military agencies in the United States and downloaded terabytes of information.
- In 2009, a cyber spy network called "GhostNet" accessed confidential information belonging to both governmental and private organizations in over 100 countries around the world. GhostNet was reported to originate in China, although that country denied responsibility.
The most effective protection against cyberwarfare attacks is securing information and networks. Security updates should be applied to all systems -- including those that are not considered critical -- because any vulnerable system can be co-opted and used to carry out attacks. Measures to mitigate the potential damage of an attack include comprehensive disaster recovery planning that includes provisions for extended outages.
See also: cyberterrorism